Adding Web Sites that Support SSL Traffic

Created at:

Incapsula will automatically identify when web sites that support SSL traffic (HTTPS) are added to the service.

In order to enable Incapsula to support SSL traffic for such web sites, we will need to generate a certificate for your domain that will be hosted on our servers. In this process you are requested to approve the creation of such a certificate by our certificate provider.

The process of adding SSL support involves three simple steps:

  • Within 24 hours from adding the web site you will receive an e-mail from GlobalSign, our SSL certificate provider, requesting approval to generate an SSL certificate for your domain. To approve this request simply reply with "yes" in the message body.
  • After your approval Incapsula will provision the service to support SSL on your domain. This process can take up to 24 hours.
  • Once the process is completed, you will be notified through an e-mail and you will be able to proceed to the final step of adding your website to the Incapsula service

You can decide to continue with adding your web site to Incapsula without SSL support, however any user that will browse to your web site using SSL might be displayed with a warning from his browser.


Incapsula SSL Support - Frequently Asked Question

Q: Do I need to purchase SSL certificate, when onboarding Incapsula?
A: Absolutely not. We provide the certificate at no extra cost.

Q: Do I need to surrender my Private Key to Incapsula?
A: No.

Q: Will Incapsula cache HTTPS content?
A: Yes, but we will do so selectively unless the "Apply acceleration setting also to HTTPS" option is checked.For example, if this option is not checked, we will not cache HTML, unless specifically directed to do by cache Headers.

Q: What port do you use for SSL traffic and can I use another port?
A: The default SSL port is 443 and yes, Enterprise customers may use custom ports but you’ll need to contact our support.

Q: I didn’t receive the verification e-mail.
A: Check your “Spam” folder and if it’s not there, contact our support for further assistance.

Q: I have an EV certificate and I want to keep using it, what can I do? 
A: Incapsula’s Enterprise and Business Plus plans fully supports EV certificate.

Q: How do I add SSL support, if I didn’t have SSL when I first activated Incapsula?
A: Even after the initial site’s setup we will continue to monitor your SSL support so the system should detect this automatically. When this happens, new SSL controls will auto-appear in you ‘Settings’ screen and you can use them to add your new certificate. Also, you can always contact our support and we will be glad to help out.


And the full blog post about the subject can be found in this link.



Was this article helpful?
13 out of 13 found this helpful
Have more questions? Submit a request


  • Avatar

    Here you say "Within 24 hours from adding the web site you will receive an e-mail from GlobalSign" whereas on Certificat status it is mentioned "Validation email will be sent to x@x in a few minutes". There's quite a gap between a few minutes and 1440 :)

  • Avatar

    Need help on configuring SSL based domain. While adding the domain, it is not detecting the HTTPS protocol.
    Also, post adding the domain, we checked manually and not able to detect the SSL and getting the error as "An unclassified error is preventing us from detecting SSL on ""

    Edited by Amit
  • Avatar

    Getting the same "An unclassified error is preventing us from detecting SSL" error during SSL detection.

    It gets better though. If SSL is actually detected there are multiple issue with cert configuration.

    The cert issuance during initial site configuration barely works. Broken for two of our sites right now.

    The cert configuration after initial site configuration does not provide the DNS TXT record verification method. It only provides the email based verification which, again, is more than intermittently broken.

Powered by Zendesk